This sneaky type of phishing is growing fast because hackers are seeing big paydays

There’s been a steep rise in phishing attacks which hijack legitimate, ongoing conversations between users to steal passwords, steal money, deliver malware and more. 

Phishing attacks have been a cybersecurity issue for a long time, with criminals sending out vast waves of emails in an attempt to dupe victims into clicking on malicious links, downloading malware or handing over their passwords via fake login portals.  

They range from basic, generic attacks claiming that the victim has won a prize and they just need to click a link to retrieve it, to more targeted campaigns which send corporate emails designed to look legitimate for the intended target. For example, it’s common for cyber criminals to send emails posing as company’s CEO to that company’s employees in an attempt to trick the user into following orders from their ‘boss’. 

But increasingly, cyber criminals are looking to exploit the actual email accounts of real users by hacking into accounts and hijacking ongoing conversations in order to send phishing emails.  

These conversation hijacking attacks have the potential to be more effective because the source of the email is someone the victim trusts and the message comes as part of an ongoing thread, so doesn’t

Read More: